<?php
include "header.php";
include "mysqli_connection.php";

if (!isset($_SESSION["username"])){
	echo "<script>window.location.href='login.php'</script>";
}
else{
?>
<script>change_picture("admin");</script>
<script>
function jump(){
	window.location.href='managehome.php';
}

</script>
<h1>Change Password</h1>
<?php
	$query = "SELECT password FROM Managers WHERE (username = ?) AND (password=?);";
	$stmt = $mysqli->stmt_init();
	if ($stmt = $mysqli->prepare($query)){
		$stmt->bind_param("ss", $_SESSION["username"],$_POST["oldpassword"]);
		$stmt->execute();
		$stmt->bind_result($password_queried);

		if (!$stmt->fetch()&&$_POST["oldpassword"]!=""){  
			echo "Not correct old password";
			 $stmt->close();
		}
		else if($_POST["newpassword1"]!=$_POST["newpassword2"]){
			echo "You need to input 2 same password";
			 $stmt->close();
		}
		else if($_POST["oldpassword"]!=""){
		    $stmt->close();
			$query2="UPDATE Managers SET password = ? WHERE username = ?;";
			$stmt2 = $mysqli->stmt_init();
			if ($stmt2 = $mysqli->prepare($query2)){
				$stmt2->bind_param("ss", $_POST["newpassword1"],$_SESSION["username"]);
	            $stmt2->execute();
				$stmt2->close();
				echo"Changing code Succeed!";
?>
<div>
Jumping to manage courses page in 3 seconds...<br />
<a href="managehome.php">Click here to jump immediately</a>
</div>
<script>
window.setTimeout("jump();",3000);</script>
<?php
			}
		
		}
		
	}
	
?>
<div>
<form action = "#" method = "POST"/>
<input type = "hidden" name = "c_id" value = "<?php echo $id; ?>" />
<label for = "oldpassword">Input Old Password: </label><input type = "password" name = "oldpassword" value = "<?php echo $oldpassword; ?>" /><br />
<label for = "newpassword1">Input New password: </label><input type = "password" name = "newpassword1" value = "<?php echo $newpassword1; ?>" /><br />
<label for = "newpassword2">Repeat New password: </label><input type = "password" name = "newpassword2" value = "<?php echo $newpassword2; ?>" /><br />
<input type = "button" value = "Back" onclick = "window.location.href='managehome.php'" />
<input type = "submit" value = "Update"/>
</form>
</div>
<?php
}
include "footer.php";
